Hi!
I have Portal application which is on http. However I like to do user
authentificatio n using SSL
I like approach most sites use:
They have
<form name="loginForm " action="https://sss" method="post">
...
I wonder how can I do "action" parameter dinamic from my ASP.NET ?
Next question is how to actually read values when it get's posted to
"https://sss"
Another question is
If I authentificated user and want to go to exactly same place user came
from (original http://aaa) How do I get this address ?
Also, I want to maintain same Session. All user credentials will be stored
there.
Is it correct approach to securing user login/password ? 4  1530 
> I like approach most sites use: They have
<form name="loginForm " action="https://sss" method="post">
I wonder how can I do "action" parameter dinamic from my ASP.NET ?
You just need to remove the runat=server attribute from the form tag and you
can do this. ASP.NET wraps an object oriented framework around these pages -
so you define the variables and then use the same variables to access the
data you collect in the postback. If you post to another page, you don't get
to do this - you just iterate through the collections that are passed the
same way you did 5 years ago. You can keep on doing it the old way (in which
case you can no longer use web controls) but you may want to consider
re-thinking the way you do things using this new paradigm. You might find
that you like it better - I know that I certainly did, once I got used to
it.
--
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
--
"Chris Jackson" <ch****@mvps.or g> wrote in message
news:eg******** ******@TK2MSFTN GP10.phx.gbl... I like approach most sites use:
They have
<form name="loginForm " action="https://sss" method="post">
I wonder how can I do "action" parameter dinamic from my ASP.NET ?
You just need to remove the runat=server attribute from the form tag and
you can do this.
I don't have any
ASP.NET wraps an object oriented framework around these pages -
so you define the variables and then use the same variables to access the
data you collect in the postback. If you post to another page, you don't
get to do this - you just iterate through the collections that are passed the
same way you did 5 years ago.
What collection? I wasn't in web dev 5 years ago...
want to consider
re-thinking the way you do things using this new paradigm. You might find
that you like it better - I know that I certainly did, once I got used to
it.
I certanly want to do it right way.
Here is my scenario:
I have portal which does not have secure data right now. However, it allow
user to setup preferences.
Soon, I will be adding online store and want same users to be able use it. I
need "Login" block on main page (which is not secure)
From what I understand there is no build-in way for providing SSL for users
other then redirecting post to different page (from secured place).
In .NET I would have to create separate Login only page for this...
Any other ideas on how this could be done?
This isn't a problem that is unique to .NET - it's the same for any web site
you develop. .NET is only the environment you use to program the server - it
has no effect on what the client sees, which is still just plain old DHTML.
If you want to have just the login page encrypted, you can post to an SSL
page and make that happen. Alternately, if you want to simply have it post
back to itself, you need to have that page itself using SSL. SSL is not
something you provide - you simply need to have an https page on a certified
server. There is no configuration of the page, per se, but simply a
configuration of your server and where you place your files. Nothing is
unique to .NET here - this is simply a function of how the technology works.
Intro to SSL here: http://developer.netscape.com/docs/m...n/contents.htm
--
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
--
"Ivan Demkovitch" <i@d> wrote in message
news:O5******** ******@TK2MSFTN GP09.phx.gbl...
"Chris Jackson" <ch****@mvps.or g> wrote in message
news:eg******** ******@TK2MSFTN GP10.phx.gbl... I like approach most sites use:
They have
<form name="loginForm " action="https://sss" method="post">
I wonder how can I do "action" parameter dinamic from my ASP.NET ?
You just need to remove the runat=server attribute from the form tag and
you can do this.
I don't have any
ASP.NET wraps an object oriented framework around these pages -
so you define the variables and then use the same variables to access
the data you collect in the postback. If you post to another page, you don't
get to do this - you just iterate through the collections that are passed
the same way you did 5 years ago.
What collection? I wasn't in web dev 5 years ago...
want to consider
re-thinking the way you do things using this new paradigm. You might
find that you like it better - I know that I certainly did, once I got used
to it.
I certanly want to do it right way.
Here is my scenario:
I have portal which does not have secure data right now. However, it allow
user to setup preferences.
Soon, I will be adding online store and want same users to be able use it.
I need "Login" block on main page (which is not secure)
From what I understand there is no build-in way for providing SSL for
users other then redirecting post to different page (from secured place).
In .NET I would have to create separate Login only page for this...
Any other ideas on how this could be done?
Chris,
Thank you for response.
I managed to make it work. However I have following problem:
1. Page posts to secured page fine (I assume user info is securely
transmitted and I don't miss anything here)
2. I have following code(in secured page):
Response.Redire ct ("http://ivand/ASPNET/Default.aspx");
This suppose to redirect me back to main page (Main page load's depending on
security already saved in session)
But I get warning: "You are about to be redirected to a connection that is
not secure ...."
I understand why, but is there is any way to accomplish this without this
messages ??
"Chris Jackson" <ch****@mvps.or g> wrote in message
news:e3******** ******@tk2msftn gp13.phx.gbl... This isn't a problem that is unique to .NET - it's the same for any web
site you develop. .NET is only the environment you use to program the server -
it has no effect on what the client sees, which is still just plain old
DHTML.
If you want to have just the login page encrypted, you can post to an SSL
page and make that happen. Alternately, if you want to simply have it post
back to itself, you need to have that page itself using SSL. SSL is not
something you provide - you simply need to have an https page on a
certified server. There is no configuration of the page, per se, but simply a
configuration of your server and where you place your files. Nothing is
unique to .NET here - this is simply a function of how the technology
works.
Intro to SSL here:
http://developer.netscape.com/docs/m...n/contents.htm
--
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
--
"Ivan Demkovitch" <i@d> wrote in message
news:O5******** ******@TK2MSFTN GP09.phx.gbl...
"Chris Jackson" <ch****@mvps.or g> wrote in message
news:eg******** ******@TK2MSFTN GP10.phx.gbl... > I like approach most sites use:
> They have
> <form name="loginForm " action="https://sss" method="post">
> I wonder how can I do "action" parameter dinamic from my ASP.NET ?
You just need to remove the runat=server attribute from the form tag
and you can do this.
I don't have any
ASP.NET wraps an object oriented framework around these pages -
so you define the variables and then use the same variables to access the data you collect in the postback. If you post to another page, you
don't get to do this - you just iterate through the collections that are passed the same way you did 5 years ago.
What collection? I wasn't in web dev 5 years ago...
want to consider
re-thinking the way you do things using this new paradigm. You might find that you like it better - I know that I certainly did, once I got used to it.
I certanly want to do it right way.
Here is my scenario:
I have portal which does not have secure data right now. However, it
allow user to setup preferences.
Soon, I will be adding online store and want same users to be able use
it. I need "Login" block on main page (which is not secure)
From what I understand there is no build-in way for providing SSL for
users other then redirecting post to different page (from secured place).
In .NET I would have to create separate Login only page for this...
Any other ideas on how this could be done?
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: HANG LAM |
last post by:
Hi,
Simple question, Is there a way to post the data from one .aspx page
to another page ?
For example, I have a Page1.aspx that lets the user enter data like
"Last Name", "First Name", but I want post that information into another
..aspx page (Page2.aspx ) .
I know I can do a redirect to the second page ,but then I will have to
|
by: anon |
last post by:
Post Forwarding question......
For this control below,
<asp:Button runat="server" PostTargetUrl="page2.aspx" />
The Attribute: PostTargetUrl="page2.aspx"
Is this PostTargetUrl Attribute going to be available in the <a> and Html
Controls as well as opposed to just the <asp:Button> control?
|
by: DaveFash |
last post by:
Posting variables from an HTML FORM, via
the Request.Form function on the receiving
ASP page is great.
But how can you POST a Form variable to
an ASP page -- without a human pushing a
Submit button?
An ASP page that can decide when to POST
and send the Form vaiables, but out without a
|
by: Magnus |
last post by:
Hi!
This is my problem:
I want to go from page1 to page2,
and to get all the form variables from page1
to page2.
I have turned the viewstate and the sessionstate off,
and i really just want to get these variables the
|
by: Rob Shorney |
last post by:
Hi,
We currently have a classic asp web application.
We are currently looking at upgrading this to ASP.NET.
However I have a couple of problems that need to be resolved.
1. aspx forms always post back to themselves. how do I get it to post to
another web page.
| | |
by: ejs |
last post by:
Please read the entire reponse, hopefully this clears up your questions.
The data used that needs to go into the batchupload page comes from a
server. My problem is that currently I write a file to the server and then
the user has to pick this file and send it up to the batchupload page. The
batchupload page is not one of our page, instead it is another company's
page. This is there interface to do batch processing. We have no control...
|
by: Peter Afonin |
last post by:
Hello,
I have a form with several buttons, and I need to post this data to several
different applications. In ASP.NET 1.1 it was quite easy - I just used HTML
controls (text or hidden), then assigned the action to each button on
Page_Load event:
Me.ibPayWM.Attributes.Add("onclick",
"noPostBack('https://merchant.webmoney.ru/lmi/payment.asp');")
Me.ibPayRx.Attributes.Add("onclick",
|
by: Bruce Wood |
last post by:
This subject has come up several times in this group over the last
year. Several people in this group seem to feel strongly about this
topic. Rather than derail other threads with this discussion, I
figured we could talk about it here.
Since I'm leading off here, I'll state my opinion on the matter.
I really don't care one way or the other. I use Google, and for all
its faults, does do one thing right: it hides quoted text. So, I just...
|
by: J055 |
last post by:
Hi
I'd like to post a page to another page using LinkButton.PostBackUrl. Then
using another LinkButton on the target page post back to the source page and
restore the controls to the state they were in before the first post to the
target.
Is there an easy way to do this? Perhaps I should consider another approach?
Many thanks
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
